From 00091c59ee2fdc590016d25ee0eccebab965c93d Mon Sep 17 00:00:00 2001
From: "lucio.lelii"
Date: Mon, 1 Feb 2016 14:14:51 +0000
Subject: [PATCH] git-svn-id: http://svn.research-infrastructures.eu/public/d4science/gcube/trunk/Common/authorization-common-library@122675 82a268e6-3cf1-43bd-a215-b396298e98cf
---
 pom.xml | 5 +++
 ...owedFor.java => AuthorizationControl.java} | 6 ++-
 .../library/annotations/SubjectToQuota.java | 14 -------
 .../authorization/library/policies/Mode.java | 6 +++
 .../library/policies/Policy.java | 2 +
 .../policies/Service2ServicePolicy.java | 29 +++++++++++----
 .../library/policies/User2ServicePolicy.java | 37 ++++++++++++++-----
 7 files changed, 66 insertions(+), 33 deletions(-)
 rename src/main/java/org/gcube/common/authorization/library/annotations/{IsAllowedFor.java => AuthorizationControl.java} (70%)
 delete mode 100644 src/main/java/org/gcube/common/authorization/library/annotations/SubjectToQuota.java
 create mode 100644 src/main/java/org/gcube/common/authorization/library/policies/Mode.java
diff --git a/pom.xml b/pom.xml
index 31b3a8d..64ec4f9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -17,6 +17,11 @@
+
+ org.reflections
+ reflections
+ 0.9.9-RC1
+
 org.gcube.core common-scope
diff --git a/src/main/java/org/gcube/common/authorization/library/annotations/IsAllowedFor.java b/src/main/java/org/gcube/common/authorization/library/annotations/AuthorizationControl.java
similarity index 70%
rename from src/main/java/org/gcube/common/authorization/library/annotations/IsAllowedFor.java
rename to src/main/java/org/gcube/common/authorization/library/annotations/AuthorizationControl.java
index 242192c..65a7018 100644
--- a/src/main/java/org/gcube/common/authorization/library/annotations/IsAllowedFor.java
+++ b/src/main/java/org/gcube/common/authorization/library/annotations/AuthorizationControl.java
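Review bot: The dependency added in the pom.xml hunk, `org.reflections:reflections`, is pinned to a release candidate (`0.9.9-RC1`), and none of the Java hunks in this patch reference `org.reflections`, so as far as this commit shows it is unused. Because this is a shared authorization library, every consumer inherits the artifact and its transitive dependencies on the classpath. I would drop the entry until the code that needs it lands. Failing that, pin a final release and add a one-line XML comment above the entry naming the class that uses it.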
@@ -6,10 +6,12 @@ import java.lang.annotation.Retention;
 import java.lang.annotation.RetentionPolicy;
 import java.lang.annotation.Target;
+import org.gcube.common.authorization.library.policies.Mode;
+
 @Inherited
 @Retention(RetentionPolicy.RUNTIME)
 @Target(ElementType.METHOD)
-public @interface IsAllowedFor {
+public @interface AuthorizationControl {
- String[] roles();
+ Mode[] check() default {Mode.ALL};
 }
diff --git a/src/main/java/org/gcube/common/authorization/library/annotations/SubjectToQuota.java b/src/main/java/org/gcube/common/authorization/library/annotations/SubjectToQuota.java
deleted file mode 100644
index 02f12f7..0000000
--- a/src/main/java/org/gcube/common/authorization/library/annotations/SubjectToQuota.java
+++ /dev/null
@@ -1,14 +0,0 @@
-package org.gcube.common.authorization.library.annotations;
-
-import java.lang.annotation.ElementType;
-import java.lang.annotation.Inherited;
-import java.lang.annotation.Retention;
-import java.lang.annotation.RetentionPolicy;
-import java.lang.annotation.Target;
-
-@Inherited
-@Retention(RetentionPolicy.RUNTIME)
-@Target(ElementType.METHOD)
-public @interface SubjectToQuota {
-
-}
diff --git a/src/main/java/org/gcube/common/authorization/library/policies/Mode.java b/src/main/java/org/gcube/common/authorization/library/policies/Mode.java
new file mode 100644
index 0000000..78fac8f
--- /dev/null
+++ b/src/main/java/org/gcube/common/authorization/library/policies/Mode.java
@@ -0,0 +1,6 @@
+package org.gcube.common.authorization.library.policies;
+
+public enum Mode {
+
+ ALL, ACCESS, WRITE, EXECUTE;
+}
diff --git a/src/main/java/org/gcube/common/authorization/library/policies/Policy.java b/src/main/java/org/gcube/common/authorization/library/policies/Policy.java
index 43c5ab6..b41215f 100644
--- a/src/main/java/org/gcube/common/authorization/library/policies/Policy.java
+++ b/src/main/java/org/gcube/common/authorization/library/policies/Policy.java
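Review bot: `@Inherited` on `AuthorizationControl` has no effect, because the annotation is `@Target(ElementType.METHOD)` and Java only inherits annotations that are placed on classes. A subclass that overrides an annotated method without repeating the annotation exposes no `AuthorizationControl` through `getAnnotation` on the overriding method. Whether that skips the check depends on how the enforcing code looks methods up, which this patch does not show. Either that code should walk the superclass and interface chain, or the annotation's Javadoc should state that overrides must re-declare it. The switch from a required `String[] roles()` to `Mode[] check() default {Mode.ALL}` also needs a Javadoc line saying what an omitted `check` enforces.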
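Review bot: The new `Mode` enum is undocumented, and the relationship of `ALL` to `ACCESS`, `WRITE` and `EXECUTE` is what every policy decision built on it will depend on. The `equals` methods changed later in this patch compare with `mode != other.mode`, so to them `ALL` and `WRITE` are simply different values; any "ALL covers the others" logic has to live in code not shown here. I would add a class-level Javadoc plus a one-line comment per constant stating which operations it governs and whether `ALL` is a superset or a separate value.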
@@ -22,6 +22,8 @@ public abstract class Policy {
 public abstract String getContext();
+ public abstract Mode getMode();
+
 public long getId() {
 return id;
 }
diff --git a/src/main/java/org/gcube/common/authorization/library/policies/Service2ServicePolicy.java b/src/main/java/org/gcube/common/authorization/library/policies/Service2ServicePolicy.java
index 6795743..4b75498 100644
--- a/src/main/java/org/gcube/common/authorization/library/policies/Service2ServicePolicy.java
+++ b/src/main/java/org/gcube/common/authorization/library/policies/Service2ServicePolicy.java
@@ -11,7 +11,8 @@ public class Service2ServicePolicy extends Policy{
 private ServiceAccess client;
 private String context;
 private ServiceAccess serviceAccess;
-
+ private Mode mode = Mode.ALL;
+
 protected Service2ServicePolicy(){}
 public Service2ServicePolicy(String context, ServiceAccess serviceAccess,
@@ -21,6 +22,12 @@ public class Service2ServicePolicy extends Policy{
 this.client = client;
 }
+ public Service2ServicePolicy(String context, ServiceAccess serviceAccess,
+ ServiceAccess client, Mode mode) {
+ this(context, serviceAccess, client);
+ this.mode = mode;
+ }
+
 @Override
 public PolicyType getPolicyType() {
 return PolicyType.SERVICE;
@@ -28,7 +35,7 @@ public class Service2ServicePolicy extends Policy{
 @Override
 public String getPolicyAsString() {
- return this.context+","+serviceAccess.getAsString()+","+serviceAccess.getAsString();
+ return this.context+","+serviceAccess.getAsString()+","+serviceAccess.getAsString()+"["+mode.toString()+"]";
 }
 public ServiceAccess getClient() {
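Review bot: The new four-argument `Service2ServicePolicy` constructor stores `mode` without a null check, yet `getPolicyAsString()` calls `mode.toString()` unconditionally while `hashCode()` still guards `mode == null`. A null mode therefore yields a policy that hashes and compares without error but throws a `NullPointerException` when it is serialized. Reject it at construction with `if (mode == null) throw new IllegalArgumentException("mode");` before the assignment, or with `this.mode = Objects.requireNonNull(mode, "mode");` if the build targets Java 7 or later and `java.util.Objects` is imported. The new `User2ServicePolicy(String, ServiceAccess, UserEntity, Mode)` constructor in the later file section has the same gap.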
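Review bot: `getPolicyAsString()` in Service2ServicePolicy writes `serviceAccess.getAsString()` twice and never includes `client`, so two policies that differ only in the calling service produce the same string; the changed line keeps that and only appends the mode. If this string is used to store or match policies, which this patch does not show, the client restriction is silently lost. The line should presumably read `return this.context+","+serviceAccess.getAsString()+","+client.getAsString()+"["+mode.toString()+"]";`. Appending `[MODE]` also changes the format, so any existing reader of the old three-field form needs checking.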
@@ -48,8 +55,8 @@ public class Service2ServicePolicy extends Policy{
 final int prime = 31;
 int result = 1;
 result = prime * result + ((client == null) ? 0 : client.hashCode());
- result = prime * result
- + ((context == null) ? 0 : context.hashCode());
+ result = prime * result + ((context == null) ? 0 : context.hashCode());
+ result = prime * result + ((mode == null) ? 0 : mode.hashCode());
 result = prime * result + ((serviceAccess == null) ? 0 : serviceAccess.hashCode());
 return result;
@@ -74,6 +81,8 @@ public class Service2ServicePolicy extends Policy{
 return false;
 } else if (!context.equals(other.context))
 return false;
+ if (mode != other.mode)
+ return false;
 if (serviceAccess == null) {
 if (other.serviceAccess != null)
 return false;
@@ -81,11 +90,17 @@ public class Service2ServicePolicy extends Policy{
 return false;
 return true;
 }
-
+
 @Override
 public String toString() {
- return "Service2ServicePolicy [client=" + client + ", environment="
- + context + ", serviceAccess=" + serviceAccess + ", id = "+id+"]";
+ return "Service2ServicePolicy [id="+getId()+" client=" + client + ", context=" + + context + ", serviceAccess=" + serviceAccess + ", mode=" + + mode + "]";
+ }
+
+ @Override
+ public Mode getMode() {
+ return this.mode;
 }
diff --git a/src/main/java/org/gcube/common/authorization/library/policies/User2ServicePolicy.java b/src/main/java/org/gcube/common/authorization/library/policies/User2ServicePolicy.java
index 9eae5ba..83a2bfb 100644
--- a/src/main/java/org/gcube/common/authorization/library/policies/User2ServicePolicy.java
+++ b/src/main/java/org/gcube/common/authorization/library/policies/User2ServicePolicy.java
@@ -18,6 +18,8 @@ public class User2ServicePolicy extends Policy {
 private String context;
 private ServiceAccess serviceAccess;
+ private Mode mode = Mode.ALL;
+
 protected User2ServicePolicy(){}
 public User2ServicePolicy(String context, ServiceAccess serviceAccess, UserEntity entity) {
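Review bot: The rewritten `toString()` in Service2ServicePolicy drops the separator after the id, so the output starts `[id=` followed by the number and then ` client=` with no comma, while every other field is comma-separated. Writing `"Service2ServicePolicy [id="+getId()+", client=" + client + ...` keeps the record uniform for anyone parsing or grepping policy logs. The `toString()` in User2ServicePolicy (last hunk of the patch) has the same `" entity="` without a comma.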
@@ -26,6 +28,12 @@ public class User2ServicePolicy extends Policy {
 this.entity = entity;
 }
+ public User2ServicePolicy(String context, ServiceAccess serviceAccess, UserEntity entity, Mode mode) {
+ this(context, serviceAccess, entity);
+ this.mode = mode;
+ }
+
+
 public UserEntity getEntity() {
 return entity;
 }
@@ -41,20 +49,22 @@ public class User2ServicePolicy extends Policy {
 @Override
 public String getPolicyAsString() {
- return this.context+","+serviceAccess.getAsString()+","+entity.getAsString();
+ return this.context+","+serviceAccess.getAsString()+","+entity.getAsString()+"["+mode.toString()+"]";
 }
 public String getContext() {
 return context;
 }
+
+
 @Override
 public int hashCode() {
 final int prime = 31;
 int result = 1;
+ result = prime * result + ((context == null) ? 0 : context.hashCode());
 result = prime * result + ((entity == null) ? 0 : entity.hashCode());
- result = prime * result
- + ((context == null) ? 0 : context.hashCode());
+ result = prime * result + ((mode == null) ? 0 : mode.hashCode());
 result = prime * result + ((serviceAccess == null) ? 0 : serviceAccess.hashCode());
 return result;
@@ -69,15 +79,17 @@ public class User2ServicePolicy extends Policy {
 if (getClass() != obj.getClass())
 return false;
 User2ServicePolicy other = (User2ServicePolicy) obj;
+ if (context == null) {
+ if (other.context != null)
+ return false;
+ } else if (!context.equals(other.context))
+ return false;
 if (entity == null) {
 if (other.entity != null)
 return false;
 } else if (!entity.equals(other.entity))
 return false;
- if (context == null) {
- if (other.context != null)
- return false;
- } else if (!context.equals(other.context))
+ if (mode != other.mode)
 return false;
 if (serviceAccess == null) {
 if (other.serviceAccess != null)
@@ -86,11 +98,16 @@ public class User2ServicePolicy extends Policy {
 return false;
 return true;
 }
-
+
 @Override
 public String toString() {
- return "User2ServicePolicy [entity=" + entity + ", environment="
- + context + ", serviceAccess=" + serviceAccess + ", id = "+id+"]";
+ return "User2ServicePolicy [id="+getId()+" entity=" + entity + ", context=" + context + + ", serviceAccess=" + serviceAccess + ", mode=" + mode + "]";
+ }
+
+ @Override
+ public Mode getMode() {
+ return this.mode;
 }
 }